>From: fedora-list-bounces@xxxxxxxxxx >[mailto:fedora-list-bounces@xxxxxxxxxx]On Behalf Of Daniel B. Thurman >Sent: Friday, December 16, 2005 6:11 PM >To: For users of Fedora Core releases (E-mail) >Cc: Fedora SELinux support list for users & developers. >Subject: Problem with VNC and SELinux: FC4 > > > >Folks, > >With the new SELinux updates, it appears that root, >other than normal users can login to Fedora via VNC >Server? My VNC Server is setup such that I am using >xinitd for VNC Server requests. > >Another problem I noticed is that when I log into my >Fedora system via VNC as root user, and open a xterm >window and run a su - <normal-user>, I get back a >SElinux message: > >================================================ ># su - dan >Your default context is: user_u:system_r:kernel_t. > >Do you want to want to choose a different one? [n] >================================================ > >It is *possible* that this problem came up when >I had to make a copy of my filesystem to another >hard-disk for the purpose of creating a /boot >partition (my bad) and copied/restored the filesystem >back over to the main drive. I don't think I made >any copy/restore mistakes as I know the fs permissions >are correct but I cannot speak for filesystem journaling >or whatever that keeps track of the SELinux attributes. > >In any case, what can I do to resolve my VNC and/or su >issue knowing that SElinux has something to do with it? > >Thanks! >Dan Thurman > >-- >No virus found in this outgoing message. >Checked by AVG Free Edition. >Version: 7.1.371 / Virus Database: 267.14.1/204 - Release >Date: 12/15/2005 > > Someone care to help me out here? I have been trying to remote login as a non-root user and VNC is trying to let me in, but for some reason is dropping the VNC client, thus denying me. Login as root works. I suspect that a selinux context is needed to allow remote non-root VNC user access? I had a private email sent to me saying that they had a similar problem as well but did not offer any solution for a fix. Anything I can do or research to narrow down this issue? Thanks, Dan -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.1/206 - Release Date: 12/16/2005
